What is Goldbug?

GoldBug is a secure email program, which does several useful things. In addition to secure email, there is secure, real time, internet chat. This means that every data packet sent and received is carefully encrypted. Further, GoldBug uses only unbroken cyphers and encryption schemes, which is the only reasonable approach to the use of cyphers of any kind. GoldBug also includes methods to avoid using the standard Internet address resolution mechanisms (ie, DNS which was incautiously designed some decades ago and has been interfered with several times by hostile parties), so your use of email and chat can continue even when an attack has rendered much of the Internet inoperable for a time.

When using GoldBug for email or chat you can be sure that no third party (eg, perhaps a criminal wanting to steal banking details) can eavesdrop on your conversations. User-to-user communication remains private and stays within a "protected" space. To do this on your behalf, GoldBug uses high quality multiple encryption, also called hybrid encryption, to make its use both more practical (keys can be easier to remember, easier to change as needed) and more efficient (ie, quicker encryption and decryption). It uses, well established (and not yet broken) cryptographic techniques from well implemented encryption libraries - such as libgcrypt (a part of the Internet standard GnuPG package) and OpenSSL. GoldBug generates the public / private key pairs required (for several asymmetric encryption algorithms) and the secret keys required for much faster symmetric key encryption algorithms as needed, and securely exchanges them with correspondents, so that your are freed from at least some of the intricacies of safely using encryption for your communications.

GoldBug uses the RSA encryption algorithm, or optionally ElGamal and NTRU or McEliece. The last two algorithms are considered safer in today's cryptographic environment with active attackers and which includes, to some extent, quantum computation. At this writing, GoldBug is the only open source implementation of a cryptographic system using both NTRU and McEliece.

GoldBug offers decentralized and encrypted email and decentralized public IRC-style group chat, but also provides for secure file transfer, thus protecting more than only communications between people just now. Another function allows p2p search (ie, peer-to-peer, without an Internet-wide system with a central server such as Google or Bing).

And, with "Rosetta CryptoPad" and "File Encryptor", GoldBug provides for local file encryption, protecting them even if the computer on which they are stored (yours, perhaps?) is broken into somehow (ie, hacked in common parlance), or even physically stolen (laptops, tablets, and smart phones are of course specially vulnerable).

GoldBug is designed in two cooperating parts: a multi-threaded kernel, and a user interface. The two components are written in the C++ language and require the Qt framework as well as several code libraries (eg, libgcrypt). The required libraries are used in Internet Standard protocols, and are not proprietary. Both versions 4.8.x and 5.x of Qt are supported. GoldBug is available for FreeBSD, Linux, OS X, OS/2, and Windows. As well, it has been compiled for ARM architecture CPUs generally, and for the RaspberryPI credit card sized computers (using an ARM CPU implementation) specifically.

The GoldBug project provides a straightforward user interface, suitable even for beginners, which relyies on code from the existing Spot-On project (http://spot-on.sf.net). Spot-on was developed in Silicon Valley, and as this is written, identifies itself as an exploratory research project investigating a variety of communication and cryptographic algorithms. It is nonetheless sufficiently mature for ordinary use, in particular within GoldBug.

Why is it important that you encrypt your communications?

Every message you send over the Internet necessarily passes through several intermediate nodes (other peoples' computers) and servers (other peoples', or more often companies', computers set up to provide a service over the Internet); doing so is, in fact, the fundamental nature of the Internet itself. It is obvious therefore, that every packet (ie, a small chunk of an almost always larger transmission) making up any and every Internet transmission is available to an unknown number of third parties while in transit. Many entities (actually identified or merely known to exist, from governments with great resources to individuals with few) have been identified as having an interest in reading those flying packets, perhaps including yours. In addition, malware running on computers here or there (including perhaps your own) may be sending copies of your traffic somewhere other than you intended, making interception of your packets as they zoom across the Internet wires unnecessary. Thus, to have privacy, by protecting their information and communication from the malicious, everyone should encrypt messages before they are even launched onto the Internet; if done properly, this reduces every eavesdropper to frustrated contemplation of unreadable gibberish with almost no hope of making any sense of it. Which, of course, is exactly the situation anyone wishing to read our communications should find themselves.

It is sometimes claimed that anyone with nothing to hide need not bother to do so. This is untrue, as a little thought should make clear, for nearly everyone has come to do financial transactions over the Internet, and criminals are very interested in that. The malicious will also be interested, even if you have offered no offense to anyone throughout your life. And in general, there is the question of whether one can even control his own communication, from private endearments to business planning, to voting (some jurisdictions are allowing voting over the Internet, for convenience, and despite the civic dangers in doing so), and to most anything else. In addition, anyone having access to or control of your communications could use it to create much trouble, from distributing child pornography using your computer without your knowledge to sending threatening messages to the President or the Pope.

Perhaps even more vital is ultimately a question of whether a loss of privacy might be used for censorship (eg, by government or pressure groups) or unjust prosecution (eg, can a presumption of innocence survive widespread eavesdropping on communication?). Free thought itself may be said, without overmuch exaggeration, to be at risk when communication is subject to inference, spoofing, and exploitation by the mendacious. More broadly, responsible government and democracy itself requires thought and discussion of public policy choices, in most cases privately at first, and then of course publicly.

Quality cryptography, properly implemented and used, can offer considerable assurance of the human right to privacy as stated in United Nations and many national charters of rights. It is worth the time and trouble learning how to use it. GoldBug makes quality cryptography available to all, and makes it possible to use it to protect many ordinary activities.

GoldBug Messenger is intended to be a secure and easy to use e-mail client and instant messenger, and in addition includes support for other cryptographic uses. An analogy to automobile use is suggestive. Cars at first did not include such safety provisions as seat belts or anti-lock brakes. The situation was found to be unsatisfactory -- people were killed or injured who need not have been. Today, we use seat belts, airbags, and anti-lock brake systems, in addition to many chassis design provisions. In this analogy, unencrypted email or instant messaging is very like using automobiles without safety equipment. Please encrypt your messages, before you send them out to the Internet. The people you talk to should do the same, and for the same reasons.

But the automobile analogy fails in one respect. GoldBug -- and ALL cryptographic protection of messages -- depends on both ends of the communication link operating in synchrony. This means that both users MUST install compatible cryptography; in most cases, as in the case of GoldBug, this means the same software (within limits, as earlier versions may interact with later ones in some cases). Good cryptographic software checks for this sort of thing and GoldBug does as well. But the fact remains that unless the other user also has, and is using, GoldBug, it will not be possible for GoldBug to protect your privacy. You should tell your friends to use GoldBug! There are versions for most operating systems, for the most important kinds of CPU, and most computer manufacturers. It is easy to keep up to date with the most recent GoldBug version because GoldBug is both freely available (free as in both free beer (no cost) and free to use as you wish since there are no restrictive licenses) and readily available on the Internet.

Why use the name "GoldBug"?

The GoldBug is a short story by Edgar Allan Poe.

William Legrand has discovered a gold-colored scarab, and his servant, Jupiter, has found a scrap of parchment near the scarab. Legrand has noticed writing on it, and his behavior (including dreams of wealth) concerns Jupiter, who appeals to an acquaintance (the unnamed narrator) for help. He agrees.

After recovering the writing, and decrypting it, the three start out on an adventure as a team ...

The GoldBug story - one of the few to do so in all of literature - integrates encryption as an element of the story. Poe was one of the first to write popular fiction which included cryptography, with his 1843 publication of "The Gold-Bug". It was an instant success and was extremely popular -- the best known of Poe's works during his lifetime.

It was from Poe's famous story that this software project got its name. More than 170 years later, cryptography is more important, even vital, than in Poe's time. Encryption should be the usual way we communicate over the insecure internet.

Encryption: GoldBug provides alternatives to RSA

GoldBug Messenger includes several alternative cyphers. The reason is a kind of cryptographic common sense. If any becomes inherently insecure (due to advances in mathematical analysis or perhaps to hardware progress (e.g. quantum computing)), another is likely to remain secure.

In addition to RSA, GoldBug has implemented the ElGamal encryption algorithm and also NTRU and McEliece. NTRU, in its most recent versions, and MCEliece (also in the most recent version) are currently thought to be less vulnerable than the others to possible advances in computer hardware performance, notably quantum computing. In fact, there have been some remarkable results proving, under some conditions, that this is so. At this writing, there are no practical quantum computers, but some research has demonstrated that a working quantum computer would have several advantages, including making practical some theoretical attacks against currently secure encryption algorithms. There is considerable research work being done with the aim of making such computers available. None are yet known to be available, but it would be wise to look ahead.

For example, in 02/2016 NIST (the United States government agency which supervises open research and standards in this field) published a Report which stated that RSA is "no longer secure"; this anticipates the possibility of a breakthrough.[1].

GoldBug also provides several optionally available methods for digital signatures, an important aspect of encrypted Internet communciation. Again, these options should allow continuing security in case of cryptanalytic progress against one or another. They include: DSA, ECDSA, EdDSA, ElGamal, and RSA signature algorithms.

And, of course, GoldBug allows each user to choose a key length (longer will be less easily broken than shorter), the encryption cypher to be used in a particular situation, the hash type to be used, and also the "iteration count", and the salt-length in some cases. The advantage for GoldBug users is that each user can individually define these matters, though the defaults were chosen to be sensible in most cases.

It could be called to set manually and individually chosen "Crypto-DNA", which is most important, when end-to-end encryption should be defined. ***?????***

Figure 2: Alternatives to RSA

Figure 2: GoldBug provides alternatives to RSA

RSA, ElGamal, NTRU and McEliece compared

The McEliece cryptosystem is an asymmetric encryption algorithm developed in 1978 by Robert McEliece. It was the first such scheme to use randomization in the encryption process. It is a candidate for secure use in an era of quantum computers, as it is immune to attacks using Shor's algorithm and — more generally — to measuring cost states using Fourier sampling. The algorithm is based on the difficulty of inverting a general linear code (which is a problem known to be NP-hard). McEliece, when using a particular type (ie, Goppa codes), has resisted all cryptanalysis to the time of this writing. The McEliece cryptosystem has some advantages over, for example, RSA. as both encryption and decryption are faster, but there are some disadvantages -- keys are much, much, much, larger. (see https#en:wikipedia.org:wiki/McEliece_cryptosystem)

NTRU is an asymmetric encryption method developed in 1996 by mathematicians Jeffrey Hoffstein, Jill Pipher and Joseph Silverman. It is based on lattice problems which are widely believed to non-reversible (ie, they are very hard and no way to work them out has been found nor, currently, is one suspected). The most recent version of NTRU is not known to be vulnerable to quantum computer based attacks. However NTRUEncrypt has not, at this writing, been as well studied as more venerable (and more common) methods (e.g. RSA). NTRUEncrypt is standardized by the IEEE as P1363.1 (see https://en.wikipedia.org/wiki/NTRU).

The ElGamal encryption algorithm, or ElGamal cryptosystem, was developed by the cryptographer Taher ElGamal in 1985. It is a public-key encryption scheme which is based on ideas first described by Diffie and Hellman in their pioneering key exchange scheme. The ElGamal encryption scheme is based, as is the Diffie-Hellman key protocol, on operations within a cyclic group of finite order. The ElGamal encryption method is provably IND-CPA secure under the assumption that the decisional Diffie-Hellman problem is not trivial over the underlying group. The ElGamal signature scheme is related to the encryption method, but is not identical. (The ElGamal signature method is not implemented in GoldBug ***contradiction. what is correct???***). ElGamal is not subject to patent licensing (see https://en.wikipedia.org/wiki/ElGamal_encryption ).

RSA (named after its inventors Rivest, Shamir and Adleman) is an asymmetric cryptographic algorithm that may be used for both encryption and digital signatures. It uses a pair of keys consisting of a private key used to decrypt or sign data, and a public key. Both keys are generated by GoldBug, at the user's instruction, at some considerable time and effort. Like other asymmetric encryption algorithms, the public key (of a public/private key pair) is transmitted to a correspondent prior to beginning encrypted communications. It may become known to anyone with loss of security. Calculating either key from the other is believed to be computationally infeasible, as in the case of RSA it depends on the difficulty of the integer factorization problem (see https://en.wikipedia.org/wiki/RSA_(cryptosystem). Because of recent results regarding RSA's security, only very long RSA keys should be used.

Hybrid Encryption System

GoldBug implements a hybrid system for authentication of messages and for message confidentiality. The reason for this is that one general class of cyphers (ie, the asymmetric key encryption cyphers, also known somewhat sloppily as public-key/private-key cyphers) is much slower, but more secure in some respects than is the other general class (ie, the symmetric key encryption cyphers). GoldBug uses both to take advantage of their different virtues. GoldBug also generates per-message authentication and encryption keys. These two keys are used for authenticating and encapsulating data, and generally run faster. The two keys are then encapsulated using the public-key of the asymmetric algorithm and sent to another user.

Non-NTRU private keys are evaluated for correctness via the gcry_pk_testkey() function. Public keys must also meet some basic criteria, eg the public-key identifier. ***???***

GoldBug uses the libgcrypt and libntru libraries to generate private and public key pairs. Presently, it optionally generates 12 key pairs during the initialization process. These key pairs may be used uniquely (for up to 12 correspondents) and so key generation need not be often repeated. On the other hand, keys not yet in use are subject to copying should your computer be infiltrated by malware and so may be insecure on first use. Care in storing them is quite important. At present, GoldBug does not support a public key infrastructure (PKI), thus not relying on any third party to provide key authentication. Most cryptosystems in use today have been designed this way, as commercial control of cryptography use is easier when using a PKI with a central key authentication mechanism. Keys in Goldbug must be exchanged (and verified as being correct) in another way; GoldBug provides several. GoldBug also provides a mechanism for securely distributing one time use session keys for data encapsulation. Again, the keys are protected using the public-key system. An additional mechanism allows the distribution of session keys via previously-established private keys. Digital signatures can also be, optionally, applied to the transmitted data, thus assuring the recipient that what was received was what was intended and that there has been no tampering.

Communications between GoldBug nodes which have chosen different key types is possible if the nodes share the same libgcrypt and libntru libraries.

As an example, please consider the following message scheme: EPublic Key(Encryption Key